﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.X509;
using Org.BouncyCastle.X509.Extension;

namespace TheClerk.Access
{
	public class Identity
	{

        /// <summary>
        /// Only asymmetric keys are identities, everything else is
        /// an attribute
        /// </summary>
        /// <remarks>
        /// Every asymmetric keys is an identity. Only asymmetric
        /// keys are identities.  Everything else is an
        /// attribute, and attributes can be provided by
        /// sovereign fiat or by trusted signature chains.  Attributes
        /// are trusted or untrusted, depending on the
        /// source (fiat is automatically trusted, externally-
        /// sourced certificates are trusted only as far as
        /// fiat says they can be trusted).
        /// 
        /// If an identity needs to exist for an action which
        /// is being performed, but has not been provided,
        /// then this assigns a new key.
        /// 
        /// Identities are grouped according to whether we
        /// have a private key blob that connects to the
        /// public key.  Thus, "Me" and "Not Me".
        /// </remarks>

        private AsymmetricKeyParameter _me;

        /// <summary>
        /// The private key
        /// </summary>
        public AsymmetricKeyParameter Me
        {
            get { return _me; }
            protected set { _me = value; }
        }
        
        private AsymmetricKeyParameter _notme;

        /// <summary>
        /// The public key
        /// </summary>
        public AsymmetricKeyParameter NotMe
        {
            get { return _notme; }
            protected set { _notme = value; }
        }
        private X509Certificate[] _bindings;

        public X509Certificate[] Bindings
        {
            get { return _bindings; }
            protected set { _bindings = value; }
        }
        /// <summary>
        /// Allocate a new 
        /// </summary>
        public Identity() { }

        public Identity(AsymmetricCipherKeyPair kp)
        {
            Me = kp.Private;
            NotMe = kp.Public;
        }

        public Identity(AsymmetricKeyParameter pubkey)
        {
            Me = null;
            NotMe = pubkey;
        }

        public Identity(AsymmetricKeyParameter pubkey, AsymmetricKeyParameter prikey)
        {
            Me = prikey;
            NotMe = pubkey;
        }

        /// <summary>
        /// No local private key exists for the passed certificate
        /// </summary>
        /// <param name="notme"></param>
        public Identity(X509Certificate notme)
        {
            Me = null;
            NotMe = notme.GetPublicKey();
        }

	}
}
